First post request

2024-11-23 13:59:29 +00:00 · 2017-12-24 17:45:05 +01:00 · 2017-12-24 17:45:05 +01:00 · 85bf596e54
commit 85bf596e54
parent bdf47b9c26
4 changed files with 135 additions and 6 deletions
--- a/RestControllers/friendsController.php
+++ b/RestControllers/friendsController.php
@ -162,12 +162,8 @@ class friendsController{

 		user_login_required(); //Login required

-		//Check if the a friendID has been specified
-		if(!isset($_POST['friendID']))
-			Rest_fatal_error(400, "Please specify a friend ID !");
-
 		//Get it
-		$friendID = toInt($_POST['friendID']);
+		$friendID = getPostUserID('friendID');

 		//Prepare the response
 		$response = array(
--- a/RestControllers/postsController.php
+++ b/RestControllers/postsController.php
@ -8,5 +8,32 @@
 */

 class postsController {
-	
+
+	/**
+	 * Get user posts
+	 * 
+	 * @url POST /posts/get_user
+	 */
+	public function getUserPosts(){
+
+		//Get user ID
+		$userID = getPostUserID("userID");
+
+		//Check if user is allowed to access informations or not
+		if(!CS::get()->components->user->userAllowed(userID, $userID))
+			Rest_fatal_error(401, "You are not allowed to access this user posts !");
+
+		//Check if there is a startpoint for the posts
+		if(isset($_POST['startFrom'])){
+			$startFrom = toInt($_POST['startFrom']);
+		}
+		else
+			$startFrom = 0; //No start point
+
+		//Get visibility level for the post
+		$visibility_level = CS::get()->components->posts->getUserVisibility(userID, $userID);
+
+		return CS::get()->components->posts->getUserPosts(userID, $userID, $visibility_level, $startFrom);
+	}
+
 }
--- a/classes/components/posts.php
+++ b/classes/components/posts.php
@ -7,6 +7,85 @@

 class Posts {

+	/**
+	 * Visibility levels
+	 */
+	//Posts that can be seen by anyone
+	const VISIBILITY_PUBLIC = 1;
+
+	//Posts that can be seen by the friends of the user
+	const VISIBILITY_FRIENDS = 2;
+
+	//Posts that can be seen by the user only
+	const VISIBILITY_USER = 3;
+
+	/**
+	 * Table name
+	 */
+	const TABLE_NAME = "texte";
+
+	/**
+	 * Get the visibility level of a user other another user
+	 * 
+	 * @param int $userID The ID of the user to fetch
+	 * @param int $targetID The ID of the user target
+	 * @return int Visibility level
+	 */
+	public function getUserVisibility(int $userID, int $targetID) : int {
+
+		//If the user making the request and the target user are the same
+		if($userID == $targetID)
+			return $this::VISIBILITY_USER;
+		
+		//Check user if is signed out
+		if($userID == 0)
+			return $this::VISIBILITY_PUBLIC;
+		
+		//Check if the two users are friends or not
+		if(CS::get()->components->friends->are_friend($userID, $targetID))
+			//Users are friends
+			return $this::VISIBILITY_FRIENDS;
+
+		else
+			//Users are not friend
+			return $this::VISIBILITY_PUBLIC;
+
+	}
+
+	/**
+	 * Get a list of post of a user
+	 * 
+	 * @param int $userID The ID of the user making the request
+	 * @param int $targetID The ID of the target user
+	 * @param int $visibilityLevel Visibility level required
+	 * @param int $startPoint The startpoint for the request (0 stands for none)
+	 */
+	public function getUserPosts(int $userID, int $targetID, int $visibilityLevel, int $startPoint = 0) : array {
+
+		//Prepare the request on the database
+		$conditions = "WHERE ID_personne = ? AND (";
+		$dataConds = array($targetID);
+
+		//Add the visibility level conditions
+		$conditions .= "(niveau_visibilite <= ?)";
+		$dataConds[] = $visibilityLevel;
+
+		//If user is signed in, include all the posts that he has created
+		if($userID > 0){
+			$conditions .= " OR (ID_amis = ?) ";
+			$dataConds[] = $userID;
+		}
+
+		//Close conditions
+		$conditions .= ")";
+
+		//Perform the request
+		return CS::get()->db->select(
+			$this::TABLE_NAME,
+			$conditions,
+			$dataConds
+		);
+	}
 }

 //Register component
--- a/functions/requests.php
+++ b/functions/requests.php
@ -133,4 +133,31 @@ function check_user_id(int $userID) : bool {
 		return false; //Invalid

 	return true; //Valid
+}
+
+/**
+ * Get userID posted in a request and return it if there
+ * isn't any error
+ * 
+ * @param string $name Optionnal, the name of the post field
+ * @return int User ID
+ * @throws RestError in case of error
+ */
+function getPostUserID(string $name = "userID") : int {
+
+	//Get userID post
+	if(!isset($_POST[$name]))
+		Rest_fatal_error(400, "Please specify a userID in '".$name."' !");
+	
+	$userID = toInt($_POST[$name]);
+
+	//Check userID validity
+	if(!check_user_id($userID))
+		Rest_fatal_error(400, "Invalid userID in '".$name."' !");
+	
+	//Check if user exits
+	if(!CS::get()->components->user->exists($userID))
+		Rest_fatal_error(404, "Specified user in '".$name."' not found !");
+	
+	return $userID;
 }